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Abstract 


This document supplements RFC 3279. It describes encoding formats, 

identifiers, and parameter formats for the algorithms GOST R 34.10- 

94, GOST R 34.10-2001, and GOST R 34.11-94 for use in Internet X.509 
Public Key Infrastructure (PKI). 
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1. Introduction 


This document supplements RFC 3279 [PKALGS]. It describes the 
conventions for using the GOST R 34.10-94 [GOST3431095, GOSTR341094] 
and GOST R 34.10-2001 [GOST3431004, GOSTR341001] signature 
algorithms, VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 key 
derivation algorithms, and GOST R 34.11-94 [GOST3431195, GOSTR341194] 
one-way hash function in the Internet X.509 Public Key Infrastructure 
(PKI) [PROFILE]. 


This document provides supplemental information and specifications 
needed by the "Russian Cryptographic Software Compatibility 
Agreement" community. 


The algorithm identifiers and associated parameters are specified for 
subject public keys that employ the GOST R 34.10-94 [GOSTR341094]/VKO 
GOST R 34.10-94 [CPALGS] or the GOST R 34.10-2001 [GOSTR341001]/VKO 
GOST R 34.10-2001 [CPALGS] algorithms, as is the encoding format for 
the signatures produced by these algorithms. Also, the algorithm 
identifiers for using the GOST R 34.11-94 one-way hash function with 
the GOST R 34.10-94 and GOST R 34.10-2001 signature algorithms are 
Specified. 
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This specification defines the contents of the signatureAlgorithm, 
SignatureValue, signature, and subjectPublicKeyInfo fields within 
X.509 Certificates and CRLs. For each algorithm, the appropriate 
alternatives for the keyUsage certificate extension are provided. 


ASN.1 modules, including all the definitions used in this document, 
can be found in [CPALGS]. 


1.1. Requirement Words 


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
document are to be interpreted as described in [RFC2119]. 


2. Algorithm Support 


This section is an overview of cryptographic algorithms that may be 
used within the Internet X.509 certificates and CRL profile 
[PROFILE]. It describes one-way hash functions and digital signature 
algorithms that may be used to sign certificates and CRLs, and it 
identifies object identifiers (OIDs) and ASN.1 encoding for public 
keys contained in a certificate. 


Certification authorities (CAs) and/or applications conforming to 
this standard MUST support at least one of the specified public key 
and signature algorithms. 


2.1. One-Way Hash Function 


This section describes the use of a one-way, collision-free hash 
function GOST R 34.11-94, the only one that can be used in the 
digital signature algorithm GOST R 34.10-94/2001. The data that is 
hashed for certificates and CRL signing is fully described in RFC 
3280 [PROFILE]. 


2.1.1. One-Way Hash Function GOST R 34.11-94 


GOST R 34.11-94 has been developed by "GUBS of Federal Agency 
Government Communication and Information" and "All-Russian Scientific 
and Research Institute of Standardization". The algorithm GOST R 
34.11-94 produces a 256-bit hash value of an arbitrary finite bit 
length input. This document does not contain the full GOST R 34.11- 
94 specification, which can be found in [GOSTR341194] (in Russian). 
[Schneier95], ch. 18.11, p. 454, contains a brief technical 
description in English. 


This function MUST always be used with parameter set identified by 
id-GostR3411-94-CryptoProParamSet (see Section 8.2 of [CPALGS]). 
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2.2. Signature Algorithms 


Conforming CAs may use GOST R 34.10-94 or GOST R 34.10-2001 signature 
algorithms to sign certificates and CRLs. 


These signature algorithms MUST always be used with a one-way hash 
function GOST R 34.11-94 as indicated in [GOSTR341094] and 
[GOSTR341001]. 


This section defines algorithm identifiers and parameters to be used 
in the signatureAlgorithm field in a Certificate or CertificateList. 


2.2.1. Signature Algorithm GOST R 34.10-94 


GOST R 34.10-94 has been developed by "GUBS of Federal Agency 
Government Communication and Information" and "All-Russian Scientific 


and Research Institute of Standardization". This document does not 
contain the full GOST R 34.10-94 specification, which can be found in 
[GOSTR341094] (in Russian). [Schneier95], ch. 20.3, p. 495, contains 


a brief technical description in English. 


The ASN.1 object identifier used to identify this signature algorithm 
ls 


id-GostR3411-94-with-GostR3410-94 OBJECT IDENTIFIER ::- 
( iso(1) member-body(2) ru(643) rans(2) cryptopro (2) 
gostR3411-94-with-gostR3410-94(4) } 


When the id-GostR3411-94-with-GostR3410-94 algorithm identifier 
appears as the algorithm field in an AlgorithmIdentifier, the 
encoding SHALL omit the parameters field. That is, the 
AlgorithmIdentifier SHALL be a SEQUENCE of one component: the OBJECT 
IDENTIFIER id-GostR3411-94-with-GostR3410-94. 


The signature algorithm GOST R 34.10-94 generates a digital signature 
in the form of two 256-bit numbers, r' and s. Its octet string 
representation consists of 64 octets, where the first 32 octets 
contain the big-endian representation of s and the second 32 octets 
contain the big-endian representation of r'. 


This definition of a signature value is directly usable in CMS [CMS], 
where such values are represented as octet strings. However, 
signature values in certificates and CRLs [PROFILE] are represented 
as bit strings, and thus the octet string representation must be 
converted. 
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To convert an octet string signature value to a bit string, the most 
Significant bit of the first octet of the signature value SHALL 
become the first bit of the bit string, and so on through the least 
significant bit of the last octet of the signature value, which SHALL 
become the last bit of the bit string. 


2.2.2. Signature Algorithm GOST R 34.10-2001 


GOST R 34.10-2001 was developed by "GUBS of Federal Agency Government 
Communication and Information" and "All-Russian Scientific and 
Research Institute of Standardization". This document does not 
contain the full GOST R 34.10-2001 specification, which can be found 
in [GOSTR341001] (in Russian). 


The ASN.1 object identifier used to identify this signature algorithm 
rss 


id-GostR3411-94-with-GostR3410-2001 OBJECT IDENTIFIER ::- 
( iso(1) member-body(2) ru(643) rans(2) cryptopro (2) 
gostR3411-94-with-gostR3410-2001(3) } 


When the id-GostR3411-94-with-GostR3410-2001 algorithm identifier 
appears as the algorithm field in an AlgorithmIdentifier, the 
encoding SHALL omit the parameters field. That is, the 
AlgorithmIdentifier SHALL be a SEQUENCE of one component: the OBJECT 
IDENTIFIER id-GostR3411-94-with-GostR3410-2001. 


The signature algorithm GOST R 34.10-2001 generates a digital 
Signature in the form of two 256-bit numbers, r and s. Its octet 
string representation consists of 64 octets, where the first 32 
octets contain the big-endian representation of s and the second 32 
octets contain the big-endian representation of r. 


The process described above (Section 2.2.1) MUST be used to convert 
this octet string representation to a bit string for use in 
certificates and CRLs. 


2.3. Subject Public Key Algorithms 


This section defines OIDs and public key parameters for public keys 
that employ the GOST R 34.10-94 [GOSTR341094]/VKO GOST R 34.10-94 
[CPALGS] or the GOST R 34.10-2001 [GOSTR341001]/VKO GOST R 34.10-2001 
[CPALGS] algorithms. 


Use of the same key for both signature and key derivation is NOT 
RECOMMENDED. The intended application for the key MAY be indicated 
in the keyUsage certificate extension (see [PROFILE], Section 
42.2.14.3)4 
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2.3.1. GOST R 34.10-94 Keys 


GOST R 34.10-94 public keys can be used for the signature algorithm 
GOST R 34.10-94 [GOSTR341094] and for the key derivation algorithm 
VKO GOST R 34.10-94 [CPALGS]. 


GOST R 34.10-94 public keys are identified by the following OID: 
id-GostR3410-94 OBJECT IDENTIFIER ::= 


( iso(1) member-body(2) ru(643) rans(2) cryptopro (2) 
gostR3410-94(20) } 


The SubjectPublicKeyInfo.algorithm.algorithm field (see RFC 3280 
[PROFILE]) for GOST R 34.10-94 keys MUST be set to id-GostR3410-94. 


When the id-GostR3410-94 algorithm identifier appears as the 
algorithm field in an AlgorithmIdentifier, the encoding MAY omit the 
parameters field or set it to NULL. Otherwise, this field MUST have 
the following structure: 


GostR3410-94-PublicKeyParameters ::- 
SEQUENCE 1 

publicKeyParamSet 
OBJECT IDENTIFIER, 

digestParamSet 
OBJECT IDENTIFIER, 

encryptionParamSet 
OBJECT IDENTIFIER DEFAULT 

id-Gost28147-89-CryptoPro-A-ParamSet 


} 


where: 


* publicKeyParamSet - public key parameters identifier for GOST R 
34.10-94 (see Section 8.3 of [CPALGS]) 

* digestParamSet - parameters identifier for GOST R 34.11-94 (see 
Section 8.2 of [CPALGS]) 

* encryptionParamSet - parameters identifier for GOST 28147-89 
[GOST28147] (see Section 8.1 of [CPALGS]) 


The absence of parameters SHALL be processed as described in RFC 3280 
[PROFILE], Section 6.1; that is, parameters are inherited from the 
issuer certificate. When the working public key parameters variable 
is set to null, the certificate and any signature verifiable on this 
certificate SHALL be rejected. 
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The GOST R 34.10-94 public key MUST be ASN.1 DER encoded as an OCTET 
STRING; this encoding shall be used as the contents (i.e., the value) 
of the subjectPublicKey component (a BIT STRING) of the 
SubjectPublicKeyInfo data element. 


GostR3410-94-PublicKey ::- OCTET STRING -- public key, Y 


GostR3410-94-PublicKey MUST contain 128 octets of the little-endian 
representation of the public key Y = a^x (mod p), where a and p are 
public key parameters, and x is a private key. 


Some erroneous applications discard zero bits at the end of BIT 
STRING containing the public key. It is RECOMMENDED to pad the bit 
string with zeroes up to 1048 bits (131 octets) on decoding to be 
able to decode the encapsulated OCTET STRING. 


If the keyUsage extension is present in an end-entity certificate 
that contains a GOST R 34.10-94 public key, the following values MAY 
be present: 


digitalSignature; 
nonRepudiation; 
keyEncipherment; and 
keyAgreement. 


If the keyAgreement or keyEnchiperment extension is present in a 
certificate GOST R 34.10-94 public key, the following values MAY be 
present as well: 


encipherOnly; and 
decipherOnly. 


The keyUsage extension MUST NOT assert both encipherOnly and 
decipherOnly. 


If the keyUsage extension is present in an CA or CRL signer 
certificate that contains a GOST R 34.10-94 public key, the following 
values MAY be present: 


digitalSignature; 
nonRepudiation; 
keyCertSign; and 
cRLSign. 


Leontiev & Shefanovski Standards Track [Page 7] 


RFC 4491 Using GOST with PKIX May 2006 


2.3.2. GOST R 34.10-2001 Keys 


GOST R 34.10-2001 public keys can be used for the signature algorithm 
GOST R 34.10-2001 [GOSTR341001] and for the key derivation algorithm 
VKO GOST R 34.10-2001 [CPALGS]. 


GOST R 34.10-2001 public keys are identified by the following OID: 
id-GostR3410-2001 OBJECT IDENTIFIER ::- 


( iso(1) member-body(2) ru(643) rans(2) cryptopro(2) 
gostR3410-2001(19) } 


The SubjectPublicKeyInfo.algorithm.algorithm field (see RFC 3280 
[PROFILE]) for GOST R 34.10-2001 keys MUST be set to id-GostR3410- 
2001. 


When the id-GostR3410-2001 algorithm identifier appears as the 
algorithm field in an AlgorithmIdentifier, the encoding MAY omit the 
parameters field or set it to NULL. Otherwise, this field MUST have 
the following structure: 


GostR3410-2001-PublicKeyParameters ::- 
SEQUENCE 1 

publicKeyParamSet 
OBJECT IDENTIFIER, 

digestParamSet 
OBJECT IDENTIFIER, 

encryptionParamSet 
OBJECT IDENTIFIER DEFAULT 

id-Gost28147-89-CryptoPro-A-ParamSet 


} 
where: 


* publicKeyParamSet - public key parameters identifier for GOST R 
34.10-2001 (see Section 8.4 of [CPALGS] ) 

* digestParamSet - parameters identifier for GOST R 34.11-94 (see 
Section 8.2 of [CPALGS]) 

* encryptionParamSet - parameters identifier for GOST 28147-89 
[GOST28147] (see Section 8.1 of [CPALGS]) 


The absence of parameters SHALL be processed as described in RFC 3280 
[PROFILE], Section 6.1; that is, parameters are inherited from the 
issuer certificate. When the working public key parameters variable 
is set to null, the certificate and any signature verifiable on this 
certificate SHALL be rejected. 
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The GOST R 34.10-2001 public key MUST be ASN.1 DER encoded as an 
OCTET STRING; this encoding shall be used as the contents (i.e., the 
value) of the subjectPublicKey component (a BIT STRING) of the 
SubjectPublicKeyInfo data element. 


GostR3410-2001-PublicKey ::= OCTET STRING -- public key vector, Q 


According to [GOSTR341001], a public key is a point on the elliptic 
curve Q = (x,y). 


GostR3410-2001-PublicKey MUST contain 64 octets, where the first 32 
octets contain the little-endian representation of x and the second 
32 octets contain the little-endian representation of y. This 
corresponds to the binary representation of (<y>256| |<x>256) from 
[GOSTR341001], ch. 5.3. 


Some erroneous applications discard zero bits at the end of BIT 
STRING containing the public key. It is RECOMMENDED to pad the bit 
string with zeroes up to 528 bits (66 octets) on decoding to be able 
to decode the encapsulated OCTET STRING. 


The same keyUsage constraints apply for use of GOST R 34.10-2001 keys 
as described in Section 2.3.1 for GOST R 34.10-94 keys. 


3. Security Considerations 


It is RECOMMENDED that applications verify signature values and 
subject public keys to conform to [GOSTR341001, GOSTR341094] 
standards prior to their use. 


When a certificate is used to support digital signatures as an 
analogue to manual ("wet") signatures, in the context of Russian 
Federal Electronic Digital Signature Law [RFEDSL], the certificate 
MUST contain keyUsage extension, it MUST be critical, and keyUsage 
MUST NOT include keyEncipherment and keyAgreement. 


It is RECOMMENDED that CAs and applications make sure that the 
private key for creating signatures is not used for more than its 
allowed validity period (typically 15 months for both the GOST R 
34.10-94 and GOST R 34.10-2001 algorithms). 


For security discussion concerning use of algorithm parameters, see 
the Security Considerations section in [CPALGS]. 
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4. Examples 


4.1. GOST R 34.10-94 Certificate 


MIICCzCCAboCECMO42BGISTOxwvklBgufuswCAYGKOoUDAgIEMGkxHTADBgNVBAMM 
FEdvc3RSMzQOxMCOSNCBleGFtcGxlMRIwWEAYDVOOKDAlDcnlwdG9Qcm8xCzAJBgNV 
BAYTAlJVMScwJQYJKOoZIhvcNAQkBFhhHb3NOUjMOMTAtOTRAZXhhbXBsZ$85jb20w 
HhcNMDUwODE2MTIzMjUwWhcNMTUwWODE2MTIzMjUwWJjBpMROwGwYDVOODDBRHD3NO 
UjMOMTAtOTOgZXhhbXBsZTESMBAGA1UECgwJQ3J5CHRvUHJvMOswCQYDVOQOGEWwJS 
VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTkOQGVAYW1wbGUuY29tMIGlMBwG 
BiqFAwICFDASBgcqhQMCAiACBgcqhQOMCAh4BA4GEAASBgLuEZuF5nlsO2CyAfxOo 
GWZxV/6MVCUhR28wCyd3RpjG-*0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo 
v2Y5MIyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg-*2kBATjeM-*fJyR1qwNCCw- 
eMGlwra3GqgqiOWBkzIydvp7MAgGBiqFAwICBANBABHHCHAS3ALxAiMpR3aPRyqB 
g1DjB8zy5DEjiULIC-tHeIveF81W91OxGkZzxnrFjXBSqnjLeFKgFlhffXOAP7zUM- 


0 30 523: SEQUENCE { 
4 30 442: SEQUENCE { 


8 02 16: INTEGER 
: 23 OE E3 60 46 95 24 CE C7 OB E4 94 18 2E 7E EB 
26 30 8: SEQUENCE { 


28 06 6: OBJECT IDENTIFIER 
: id-GostR3411-94-with-GostR3410-94 (12 643 2 2 4) 
$ } 

36 30 105: SEQUENCE { 


38 31 29: SET { 
40 30 27: SEQUENCE { 
42 06 32: OBJECT IDENTIFIER commonName (2 5 4 3) 
47 OC 20: UTF8String 'GostR3410-94 example’ 

: } 

: } 
69 31 18: SET { 
71 30 16: SEQUENCE 1 
73 06 37 OBJECT IDENTIFIER organizationName (2 5 4 10) 
78 OC 9: UTF8String 'CryptoPro' 

: } 

} 

89 31 11 SET { 
91 30 9: SEQUENCE { 
93 06 Si OBJECT IDENTIFIER countryName (2 5 4 6) 
98 13 2: PrintableString ’ RU’ 


} 
: } 
102 31 39: SET { 


104 30 9s SEQUENCE { 
106 06 9: OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1) 
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117. 16 24: IA5String ’GostR3410-94@example.com’ 

: } 

} 

: } 
143 30 30: SEQUENCE { 
145 17 13 UTCTime '0508161232502' 
160 17 T3: UTCTime '1508161232502' 

: } 
175 30 105: SEQUENCE { 
T1331 29 SET { 
179 30 2T: SEQUENCE 1 
181 06 3% OBJECT IDENTIFIER commonName (2 5 4 3) 
186 OC 20: UTF8String 'GostR3410-94 example’ 

: } 

: } 
208 31 18: SET { 
210 30 16: SEQUENCE { 
212 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) 
217 OC 9: UTF8String 'CryptoPro' 

: } 

} 

228 31 11 SET { 
230 30 94 SEQUENCE { 
232 06 33 OBJECT IDENTIFIER countryName (2 5 4 6) 
231 t3 2% PrintableString 'RU' 


} 
: } 
241 31 39: SET { 


243 30 CE SEQUENCE 1 
245 06 9: OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1) 
256 16 24: IA5String ’GostR3410-94@example.com’ 

: } 

} 

: } 
282 30 165: SEQUENCE { 
285 30 28: SEQUENCE { 
287 06 6: OBJECT IDENTIFIER id-GostR3410-94 (1 2 643 2 2 20) 
295 30 18: SEQUENCE { 


297 06 es OBJECT IDENTIFIER 
: id-GostR3410-94-CryptoPro-A-ParamSet 
E (1264322 32 2) 
306 06 T OBJECT IDENTIFIER 
Z id-GostR3411-94-CryptoProParamSet 
(1 2 643 2 2 30 1) 


} 
: } 
315-03. 1325 BIT STRING 0 unused bits, encapsulates { 
319 04 128: OCTET STRING 
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) 
) 
$ } 
450 30 8: 
452 06 6: 


84 
57 
47 
10 
32 
1B 
13 
C2 


SEQUENCE { 
OBJECT IDENTIFIER 


Using GOST 


66 
FE 
33 
8A 
5C 
F4 
8D 
B6 


E1 
8c 
BE 
24 
94 
ES 
E3 
B7 


T9 
54 
B7 
OE 
8B 
89 
3E 
1A 


9E 
25 
B2 
1F 
C1 
8A 
7C 
A8 


with PKIX 


5B 34 
21 47 
F3 93 
UC 42 
A8 FE 
09 82 
9C 91 
2A 8B 


D8 
6F 
6C 
4D 
1B 
68 
D6 
45 


2C 
30 
39 
2B 
63 
D3 
AC 
81 


80 
OB 
BS 
3B 
12 
5C 
OD 
93 


id-GostR3411-94-with-GostR3410-94 


} 


460 03 65: BIT STRING 0 


L1 CT 
81 83 
22 F7 
2A A7 
) 


In the signature of the above certificate, 


and s equals 


08 
50 
85 
8c 


7E 
E3 
F3 
B7 


unused bits 


12 
07 
55 
85 


DC 
CC 
BD 
2A 


02 
F2 
94 
01 


F1 02 
E4 31 
EC 46 
75 85 


23 
23 
9d 
F7 


r' 


7F 
27 
42 
Ti 
F6 
77] 
08 
32 


13 
TI 
37 
2B 
09 
A6 
2C 
32 


29 47 76 8F 
89 42 C8 73 
9C 67 AC 58 
D7 38 03 FB 


equals 
0x22F785F355BD94EC46919C67AC58D7052AA78CB7852A017585F7D73803FBCD43 


A8 
46 
26 
A8 
25 
OF 
3E 
76 


47 
El 
D7 
CD 


19 
98 
84 
BF 
87 
B6 
78 
FA 


(1264322 


2A 
DE 
05 
43 


May 2006 


66 
CD 
E2 
66 
CC 
90 
C1 
7B 


0x11C7087E12DC0O2F102232947768F472A818350E307CCF2E431238942C873E1DE 


4.2. GOST R 34.10-2001 Certificate 


MIIBODCCAX8CECv1lxh7CEbOXx9zUYma0LiEwCAYGKOUDAgIDMGOxHzAdBgNVBAMM 
Fkdvc3RSMzQxMC0 yMDAxIGV4 YW1wbGUxE jJAQBGNVBAoMCUNyeXBOb1BybzELMAkG 
AlUEBhMCUIUxKTAnBgkqhkiG9wOBCQEWGkdvc3RSMzQOxMCOyMDAxQGVAYW1wbGUu 
Y29tMBAXDTA1MDgxNjEOMTgyMFoXDTE1MDgxNjEOMTgyMFowbTEfMBOGA1UEAwwW 
R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGAl1UECgwJQ3J5CcHRvUHJvMOswCQYD 
VOOGEWwJSVTEpMCCGCSqGSIDb3DOEJARYaR29zdFIzNDEWLTIwMDFAZXhhbXBsZ5S5]j 
b20wYzAcBgYqhOMCAhMwEgYHKOUDAgIkAAYHKOUDAgIeAQNDAARAhJVOQOWACGKkBI1 
CMOTjDGJLP31BON601z0bSsP508yfleP 68wWuZWIA9CafIWuD+SN6qa7flbHy7Df 
D2a8yuoaYDAIBgYqhOMCAgMDQOA8L8kJRLcnqeynlen7U23Sw6pkfEQu3u0xFkVP 


vFQ/3cHeF26NG*xxtZPz3TaTVXdoiYkXYiDO2rExl1bUCcM97i 


2B F5 C6 1E C2 11 BD 17 C7 DC D4 62 66 B4 2E 21 


0 30 464: SEQUENCE { 

4 30 383: SEQUENCE { 

8 02 1:65 INTEGER 
26 30 8: SEQUENCE { 
28 06 6: 
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id-GostR3411-94-with-GostR3410-2001 (12 643 2 2 3) 


: } 
36 30 109: SEQUENCE { 


38- 31 336 SET ( 
40 30 29: SEQUENCE 1 
42 06 3 OBJECT IDENTIFIER commonName (2 5 4 3) 
47 OC 225 UTF8String 'GostR3410-2001 example’ 

: } 

: } 
71 31 18: SET { 
73 30 16: SEQUENCE 1 
75 06 3% OBJECT IDENTIFIER organizationName (2 5 4 10) 
80 OC 9: UTF8String 'CryptoPro' 

: } 

} 

91 31 11 SET { 
93 30 9: SEQUENCE { 
95 06 ER OBJECT IDENTIFIER countryName (25 4 6) 
100-3 2 PrintableString ’ RU’ 


} 
: } 
104 31 41: SET { 


106 30 39: SEQUENCE { 
108 06 9: OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1) 
119 16 26: IA5String ’GostR3410-2001@example.com’ 
$ } 
} 
: } 
147 30 30: SEQUENCE { 
149 17 13: UTCTime '0508161418202" 
164 17 LS UTCTime '1508161418202' 
: } 
179 30 109: SEQUENCE { 
181 31 31: SET { 
183 30 29: SEQUENCE { 
185 06 3$ OBJECT IDENTIFIER commonName (2 5 4 3) 
190 OC 225 UTF8String 'GostR3410-2001 example’ 
i } 
$ } 
214 31 18: SET { 
216 30 16: SEQUENCE 1 
218 06 js OBJECT IDENTIFIER organizationName (2 5 4 10) 
223. 0C 9e UTF8String 'CryptoPro' 
: } 
: } 
234 31 ETs SET { 
236 30 9: SEQUENCE { 
238 06 33 OBJECT IDENTIFIER countryName (2 5 4 6) 
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243 13 2 PrintableString 'RU' 
: } 
: } 
247 3T 41: SET { 
249 30 39i: SEQUENCE { 
251 06 9: OBJECT IDENTIFIER emailAddress (1 2 840 113549 1 9 1) 


262 16 26: IA5String ’GostR3410-2001@example.com’ 
E } 
} 
: } 
290 30 99: SEQUENCE { 


292 30 28: SEQUENCE { 
294 06 6: OBJECT IDENTIFIER id-GostR3410-2001 (1 2 643 2 2 19) 
302 30 18: SEQUENCE { 


304 06 dog OBJECT IDENTIFIER 
E id-GostR3410-2001-CryptoPro-XchA-ParamSet 
: (1 2 643 2 2 36 0) 
313 06 Ts OBJECT IDENTIFIER 
: id-GostR3411-94-CryptoProParamSet 
(1 2 643 2 2 30 1) 


} 
$ } 
322 03 67: BIT STRING 0 unused bits, encapsulates { 
325 04 64: OCTET STRING 
: 84 95 68 75 60 02 1A 40 75 08 CD 13 8C 31 89 2C 
FD E5 05 03 7A 43 5C F4 6D 2B OF E7 4F 32 7E 57 
8F EB CC 16 B9 95 88 03 DO 9A 7C 85 AE OF E4 8D 
EA A6 BB 7E 56 C7 CB BO DF OF 66 BC CA EA 1A 60 
} 
} 
} 
391 30 SEQUENCE { 
393 06 6: OBJECT IDENTIFIER 
: id-GostR3411-94-with-GostR3410-2001 (12 6432 2 3) 
: } 
401 03 65: BIT STRING 0 unused bits 
H 3C 2F C9 09 44 B7 27 AY EC A7 D5 EY FB 53 6D D2 
C3 AA 64 7C 44 2E DE ED 31 16 45 4F BC 54 3F DD 
C1 DE 17 6E 8D 1B EC 71 B5 93 F3 DD 36 93 55 77 
68 89 89 17 62 20 F4 DA B1 31 D5 B5 1C 33 DE E2 
} 


[o9] 


In the public key of the above certificate, x equals 
0x577E324FE70F2B6DF45C437A0305E5FD2C89318C13CD0875401A026075689584 
and y equals 
Ox601AEACABC660FDFBOCBC7567EBBAGEA8DEA40FAE857C9AD0038895B916CCEB8F 
The corresponding private key d equals 
0x0B293BE050D0082BDAE785631A6BAB68F35B42786D6DDA56AFAF169891040F 77 
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In the signature of the above certificate, r equals 
OxClDE176E8D1BEC71B593F3DD36935577688989176220FA4DAB131D5B51C33DEE2 
and s equals 
0x3C2FC90944B727A9ECA7D5E9FB536DD2C3AA647C442EDEED3116454FBC543FDD 
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